Blocklist Removal Center
About Spamhaus  |  FAQs  |  News Blog   
The Spamhaus DROP List
The DROP List

The DROP List (text)
The EDROP List (text)
BGP Feed
DROP FAQs
The Spamhaus Don't Route Or Peer Lists

DROP (Don't Route Or Peer) and EDROP are advisory "drop all traffic" lists, consisting of netblocks that are "hijacked" or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers). The DROP and EDROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.

Spamhaus Don't Route Or Peer List (DROP)

The DROP list will not include any IP address space under the control of any legitimate network - even if being used by "the spammers from hell". DROP will only include netblocks allocated directly by an established Regional Internet Registry (RIR) or National Internet Registry (NIR) such as ARIN, RIPE, AFRINIC, APNIC, LACNIC or KRNIC or direct RIR allocations.

Spamhaus Extended DROP List (EDROP)

EDROP is an extension of the DROP list that includes suballocated netblocks controlled by spammers or cyber criminals. EDROP is meant to be used in addition to the direct allocations on the DROP list.

Implementation

When implemented at a network or ISP's 'core routers', DROP and EDROP will help protect the network's users from spamming, scanning, harvesting, DNS-hijacking and DDoS attacks originating on rogue netblocks.

Spamhaus strongly encourages the use of DROP and EDROP by tier-1s and backbones.

Spamhaus DROP and EDROP are available in text format. Additionally, these lists (as well as the Spamhaus Botnet C&C list) are available by Spamhaus BGP Feed announced via an Autonomous System Number (ASN). Users can choose to peer with that ASN to null those prefixes as being ranges for which they do not wish to route traffic.

See the DROP FAQ for information on use and implementation.
Caution!

Almost all allocations change over time. Please check regularly to ensure you have the latest version of the DROP and EDROP lists. They should not be imported into your networks filters and forgotten about. If you do not keep this type of filter data up to date, over time you will eventually encounter problems reaching areas of the Internet if allocations listed in an old version of these lists get reassigned to new networks. Before applying any filters or blocks to your network always carefully consider the ramifications of such filters.
© 1998-2014 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy